Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

325 advisories

Loading
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows... High Unreviewed
CVE-2008-7074 was published May 17, 2022
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0... High Unreviewed
CVE-2014-8170 was published May 17, 2022
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main... Moderate Unreviewed
CVE-2013-2852 was published May 17, 2022
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local... High Unreviewed
CVE-2012-0809 was published May 14, 2022
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record... High Unreviewed
CVE-2012-2369 was published May 14, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed
CVE-2018-5704 was published May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed
CVE-2018-6317 was published May 14, 2022
Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module... Moderate Unreviewed
CVE-2017-17132 was published May 14, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed
CVE-2018-7544 was published May 14, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed
CVE-2017-0898 was published May 14, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed
CVE-2010-1550 was published May 14, 2022
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in... Moderate Unreviewed
CVE-2008-5660 was published May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed
CVE-2008-5982 was published May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed
CVE-2008-6441 was published May 14, 2022
Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple... High Unreviewed
CVE-2013-5135 was published May 14, 2022
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC... Moderate Unreviewed
CVE-2013-3560 was published May 14, 2022
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute... High Unreviewed
CVE-2012-0646 was published May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed
CVE-2018-1352 was published May 14, 2022
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a... High Unreviewed
CVE-2016-4864 was published May 14, 2022
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.... High Unreviewed
CVE-2017-15191 was published May 14, 2022
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. High Unreviewed
CVE-2018-5205 was published May 14, 2022
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of... High Unreviewed
CVE-2018-5207 was published May 14, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7715 was published May 14, 2022
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads... High Unreviewed
CVE-2016-5716 was published May 14, 2022
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing... High Unreviewed
CVE-2018-17336 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database